1. Field of the Invention
The present invention relates to a method and system for distributed certificate management in ad-hoc networks, and more particularly, to a method and system for providing a key management service using a single set of nodes in ad-hoc networks based on a public key infrastructure (PKI).
2. Description of the Related Art
Ad-hoc networks usually assume that a wireless communication is established between various mobile hosts (i.e., nodes) at any time and any place without assistance from a fixed central infrastructure. Ad-hoc networks can be applied to personal area networks (PAN), sensor networks, military tactical networks, disaster networks, collaborative networking for conferences, etc.
Ad-hoc network solutions used at present include mobile nodes constituting a wireless multi-hopping network and have the following characteristics. First, ad-hoc network solutions do not have an infrastructure. Second, mobile nodes can enter or exit a network at any time. Third, the number and size of messages may be limited due to a narrow wireless communication bandwidth. Fourth, energy resources are limited since nodes in ad-hoc networks use batteries as power sources. Due to this energy limitation, it is not easy to use computationally complex algorithms. Fifth, since mobile nodes are vulnerable to compromising security and channels are vulnerable to attacks, messages are vulnerable to eavesdropping, distortion, and forgery. In addition, since nodes are not stationed in a protected region, the nodes can be easily controlled by attackers and may deny service requested by another node to protect resources such as battery power.
Due to the characteristics of an ad-hoc paradigm, ad-hoc networks need to be reliable and readily available. In other words, security service needs to be available at any time during operation of a network. Denial of a service or selfishness of a node may cause the service to be unavailable. Ad-hoc networks also need scalability. In other words, ad-hoc networks need to be scalable without rapid deterioration in performance to enable an update or handling of a request. Ad-hoc networks also need robustness. In other words, ad-hoc networks need to be robust so that they can resist compromising or faulty nodes and malicious attackers, and can be adapted to dynamically changing topology.
Security service is important in ad-hoc networks. Generally, security service is implemented using cryptography technology. Cryptography technology is based on key management. Cryptography technology based on PKI is used for ad-hoc networks.
In a PKI, a compromised key is revoked. When a user's private key is compromised, the user requests revocation of a public key and a private key in order to protect himself/herself from attacks. When a private key of a certification authority (CA) issuing certificates is compromised, all of the certificates issued by the CA are revoked.
A certificate revocation list (CRL) is most widely used for revocation in a PKI. If a user requests a CA to revoke a key that has been compromised, the CA publishes a serial number of a correspondent certificate on a CRL and distributes the CRL to other users.
Ad-hoc networks also have a problem in revoking a certificate. Each node in an ad-hoc network has a CRL. Entries of the CRL include a node ID and a list of the node's accusers. If a node's accuser list contains less than “k” legitimate accusers, the node is marked as a “suspect”. Otherwise, the node is determined to be misbehaving and marked as “convicted”.
If a node “A” receives an accusation from another node, node A checks if the other node, namely, the accuser has been registered as a convicted node in node A's CRL. If it is, node A drops the accusation. If not, node A updates its CRL entry of the accused node by adding the accuser to the node's accuser list. Long range accusation propagation may cause excessive communication overhead while short range accusation propagation may not cover roaming of the adversary. Accordingly, the accusation should be propagated over a range just long enough so that before the adversary's current certificate expires, the adversary cannot move out of the area where it is convicted by accusations. For this reason, the CRL is spatially and temporally limited.
The following description summarizes important details of a CRL. A certificate revocation mechanism is based on an assumption that each node monitors an operation of its one-hop neighboring node. Each node has its own CRL. A revocation mechanism is based on local nodes' self-decision, i.e., accuser voting. Accuser voting assumes a threshold. In more detail, if the number of accusations against a certain node reaches “k”, a certificate of the node is revoked.
Such security solutions for ad-hoc networks require revocation and validation protocols for a public key based on a PKI, and also require a method of managing certificate revocation.
Conventional certificate revocation in ad-hoc networks has problems of limited memory, under abundant computational resources when an entire CRL is processed using a single node, and lack of flexibility of a certificate validity period.